package org.meetunexpectedly.authority.verify;

import org.meetunexpectedly.util.JwtUtils;
import org.meetunexpectedly.authority.AuthorityUtils;

import javax.servlet.http.HttpServletRequest;

/**
 * @Description: 基础授权校验方法
 * @Author: pupil
 * @Date: 2024/09/03 下午 5:50
 */
public class BaseAuthorityVerify implements AuthorityVerify {
    @Override
    public Boolean authorityVerify(HttpServletRequest request, String[] permissions) {
        // 校验登录
        if (!JwtUtils.checkToken(request)) {
            return false;
        }

        // 获取当前用户权限
        Long userId = JwtUtils.getUserId(request);
        for (String permission : permissions) {
            if (!AuthorityUtils.verify(userId, permission)) {
                return false;
            }
        }

        return true;
    }
}
